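/***********************************************************
 Write entries from stdin to current local idmap

 Each input line is expected to look like "GID <number> <sid>" or
 "UID <number> <sid>".  A line is reported and skipped when it does
 not parse, when its numeric ID does not survive conversion to
 gid_t/uid_t, or when string_to_sid() rejects its SID string.

 Returns 0 when net_idmap_fixup_hwm() succeeds after the input has
 been consumed, -1 when the idmap backend cannot be initialised or
 the fixup fails.  A failure to store a single mapping is reported
 on stderr but does not change the return value.
 **********************************************************/
static int net_idmap_restore(int argc, const char **argv)
{
	if (!idmap_init(lp_idmap_backend())) {
		d_fprintf(stderr, "Could not init idmap\n");
		return -1;
	}

	while (!feof(stdin)) {
		fstring line, sid_string, fmt_string;
		size_t len;
		unsigned long idval = 0;
		unid_t id;
		int type = ID_EMPTY;
		DOM_SID sid;

		/*
		 * Input longer than the buffer is returned by fgets() in
		 * several pieces; the trailing pieces will normally fail
		 * to parse and be reported as invalid lines below.
		 */
		if (fgets(line, sizeof(line)-1, stdin) == NULL)
			break;

		len = strlen(line);

		if ( (len > 0) && (line[len-1] == '\n') )
			line[len-1] = '\0';

		/*
		 * The ID is scanned into an unsigned long and then
		 * narrowed, rather than scanning "%d" straight into a
		 * gid_t/uid_t (wrong pointer type for the conversion).
		 * The %s field width is one less than the destination
		 * size, because sscanf() stores a terminating NUL in
		 * addition to the characters the width allows.
		 */
		snprintf(fmt_string, sizeof(fmt_string), "GID %%lu %%%us",
			 (unsigned int)(sizeof(sid_string) - 1));
		if (sscanf(line, fmt_string, &idval, sid_string) == 2) {
			id.gid = (gid_t)idval;
			/*
			 * Reject IDs that do not round-trip: a silently
			 * truncated value would bind the SID to a
			 * different (possibly privileged) group id.
			 */
			if ((unsigned long)id.gid == idval) {
				type = ID_GROUPID;
			}
		}

		snprintf(fmt_string, sizeof(fmt_string), "UID %%lu %%%us",
			 (unsigned int)(sizeof(sid_string) - 1));
		if (sscanf(line, fmt_string, &idval, sid_string) == 2) {
			id.uid = (uid_t)idval;
			/* Same round-trip check as for the GID case. */
			if ((unsigned long)id.uid == idval) {
				type = ID_USERID;
			}
		}

		if (type == ID_EMPTY) {
			d_printf("ignoring invalid line [%s]\n", line);
			continue;
		}

		if (!string_to_sid(&sid, sid_string)) {
			d_printf("ignoring invalid sid [%s]\n", sid_string);
			continue;
		}

		if (!NT_STATUS_IS_OK(idmap_set_mapping(&sid, id, type))) {
			d_fprintf(stderr, "Could not set mapping of %s %lu to sid %s\n",
				 (type == ID_GROUPID) ? "GID" : "UID",
				 (type == ID_GROUPID) ?
				 (unsigned long)id.gid:
				 (unsigned long)id.uid,
				 sid_string_static(&sid));
			continue;
		}
	}

	idmap_close();

	return NT_STATUS_IS_OK(net_idmap_fixup_hwm()) ? 0 : -1;
}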
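/*
 * Initialise the idmap domain registered under the name "*".
 *
 * The backend module name and its parameter string are obtained by
 * running parse_idmap_module() on lp_idmap_backend(); both strings are
 * released again before returning, whether or not idmap_init_domain()
 * succeeded.
 *
 * Returns the domain created by idmap_init_domain() on mem_ctx, or NULL
 * if the backend setting could not be parsed or the domain could not be
 * initialised.
 */
static struct idmap_domain *idmap_init_default_domain(TALLOC_CTX *mem_ctx)
{
	struct idmap_domain *result = NULL;
	/* Start from NULL so the frees below never see an indeterminate pointer. */
	char *modulename = NULL;
	char *params = NULL;

	DEBUG(10, ("idmap_init_default_domain: calling static_init_idmap\n"));

	static_init_idmap;

	if (!parse_idmap_module(talloc_tos(), lp_idmap_backend(), &modulename,
				&params)) {
		DEBUG(1, ("parse_idmap_module failed\n"));
		return NULL;
	}

	DEBUG(3, ("idmap_init: using '%s' as remote backend\n", modulename));

	/* NULL here means failure; it is handed back to the caller as-is. */
	result = idmap_init_domain(mem_ctx, "*", modulename, params);

	/* The parsed strings are only needed for the call above. */
	TALLOC_FREE(modulename);
	TALLOC_FREE(params);

	return result;
}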
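/*
 * Regex-scan callback: record one idmap domain found in the configuration.
 *
 * string        text the regex was matched against
 * matches       match offsets; matches[1] delimits the domain name
 * private_data  struct idmap_domains * that collects the results
 *
 * On success the next free slot d->c[d->count] receives the upper-cased
 * domain name, a copy of the backend string returned by
 * lp_idmap_backend() and the range reported by lp_idmap_range(), and
 * d->count is incremented.  A slot that fails part-way is left
 * uncounted.
 *
 * Always returns false ("keep scanning"), so the caller cannot tell a
 * recorded domain from a rejected one by the return value alone.
 */
static bool lp_scan_idmap_found_domain(const char *string,
				       regmatch_t matches[],
				       void *private_data)
{
	struct idmap_domains *d = private_data;
	struct idmap_config *c = NULL;
	char *domname = NULL;
	size_t len;
	bool ok = false;

	if (matches[1].rm_so == -1) {
		fprintf(stderr, "Found match, but no name - invalid idmap config");
		return false;
	}
	if (matches[1].rm_eo <= matches[1].rm_so) {
		fprintf(stderr, "Invalid match - invalid idmap config");
		return false;
	}

	/* Check capacity before forming a pointer to the next slot. */
	if (d->count >= d->size) {
		return false;
	}
	c = &d->c[d->count];

	/*
	 * The name length comes from the parsed configuration text, so the
	 * temporary NUL-terminated copy is heap-allocated instead of being
	 * placed in a variable-length array on the stack.
	 */
	len = (size_t)(matches[1].rm_eo - matches[1].rm_so);
	domname = talloc_strndup(d->c, string + matches[1].rm_so, len);
	if (domname == NULL) {
		return false;
	}

	c->domain_name = talloc_strdup_upper(d->c, domname);
	if (c->domain_name == NULL) {
		goto done;
	}

	c->backend = talloc_strdup(d->c, lp_idmap_backend(domname));
	if (c->backend == NULL) {
		goto done;
	}

	ok = lp_idmap_range(domname, &c->low, &c->high);
	if (!ok) {
		fprintf(stderr,
			"ERROR: Invalid idmap range for domain "
			"%s!\n\n", c->domain_name);
		goto done;
	}

	d->count++;

done:
	/* The temporary copy is no longer needed on any path. */
	talloc_free(domname);

	return false; /* Keep scanning */
}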
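/*
 * winbindd entry point.
 *
 * Parses the command line, sets up logging, loads the configuration and
 * the trust account secrets, initialises idmap (falling back to
 * idmap_proxyonly() if that fails), installs signal handlers, optionally
 * daemonises, registers message handlers and then enters process_loop().
 *
 * Start-up failures terminate the process with a non-zero exit status.
 * Returns 0 after process_loop() returns.
 */
int main(int argc, char **argv)
{
	pstring logfile;
	static BOOL interactive = False;
	static BOOL Fork = True;
	static BOOL log_stdout = False;
	struct poptOption long_options[] = {
		POPT_AUTOHELP
		{ "stdout", 'S', POPT_ARG_VAL, &log_stdout, True, "Log to stdout" },
		{ "foreground", 'F', POPT_ARG_VAL, &Fork, False, "Daemon in foreground mode" },
		{ "interactive", 'i', POPT_ARG_NONE, NULL, 'i', "Interactive mode" },
		{ "single-daemon", 'Y', POPT_ARG_VAL, &opt_dual_daemon, False, "Single daemon mode" },
		{ "no-caching", 'n', POPT_ARG_VAL, &opt_nocache, True, "Disable caching" },
		POPT_COMMON_SAMBA
		POPT_TABLEEND
	};
	poptContext pc;
	int opt;

	/* glibc (?) likes to print "User defined signal 1" and exit if a
	   SIGUSR[12] is received before a handler is installed */

	CatchSignal(SIGUSR1, SIG_IGN);
	CatchSignal(SIGUSR2, SIG_IGN);

	fault_setup((void (*)(void *))fault_quit );

	/* Initialise for running in non-root mode */

	sec_init();

	set_remote_machine_name("winbindd", False);

	/* Set environment variable so we don't recursively call ourselves.
	   This may also be useful interactively. */

	setenv(WINBINDD_DONT_ENV, "1", 1);

	/* Initialise samba/rpc client stuff */

	pc = poptGetContext("winbindd", argc, (const char **)argv, long_options,
			    POPT_CONTEXT_KEEP_FIRST);

	while ((opt = poptGetNextOpt(pc)) != -1) {
		switch (opt) {
			/* Don't become a daemon */
		case 'i':
			interactive = True;
			log_stdout = True;
			Fork = False;
			break;
		}
	}

	/* -S only makes sense while the process stays attached to a terminal. */
	if (log_stdout && Fork) {
		printf("Can't log to stdout (-S) unless daemon is in foreground +(-F) or interactive (-i)\n");
		poptPrintUsage(pc, stderr, 0);
		exit(1);
	}

	pstr_sprintf(logfile, "%s/log.winbindd", dyn_LOGFILEBASE);
	lp_set_logfile(logfile);
	setup_logging("winbindd", log_stdout);
	reopen_logs();

	DEBUG(1, ("winbindd version %s started.\n", SAMBA_VERSION_STRING) );
	DEBUGADD( 1, ( "Copyright The Samba Team 2000-2004\n" ) );

	if (!reload_services_file()) {
		DEBUG(0, ("error opening config file\n"));
		exit(1);
	}

	/* Setup names. */

	if (!init_names())
		exit(1);

	load_interfaces();

	if (!secrets_init()) {

		DEBUG(0,("Could not initialize domain trust account secrets. Giving up\n"));
		/*
		 * Exit non-zero like the other start-up failures: returning
		 * False (0) from main() would report success to whatever
		 * launched the daemon although start-up was abandoned.
		 */
		exit(1);
	}

	/* Enable netbios namecache */

	namecache_enable();

	/* Check winbindd parameters are valid */

	ZERO_STRUCT(server_state);

	/* Winbind daemon initialisation */

	/*
	 * If any of the three steps fails the daemon keeps running with
	 * idmap_proxyonly() instead of aborting; the only trace is the
	 * level-1 debug message below.
	 */
	if ( (!winbindd_param_init()) || (!winbindd_upgrade_idmap()) ||
	     (!idmap_init(lp_idmap_backend())) ) {
		DEBUG(1, ("Could not init idmap -- netlogon proxy only\n"));
		idmap_proxyonly();
	}

	generate_wellknown_sids();

	/* Unblock all signals we are interested in as they may have been
	   blocked by the parent process. */

	BlockSignals(False, SIGINT);
	BlockSignals(False, SIGQUIT);
	BlockSignals(False, SIGTERM);
	BlockSignals(False, SIGUSR1);
	BlockSignals(False, SIGUSR2);
	BlockSignals(False, SIGHUP);
	BlockSignals(False, SIGCHLD);

	/* Setup signal handlers */

	CatchSignal(SIGINT, termination_handler);      /* Exit on these sigs */
	CatchSignal(SIGQUIT, termination_handler);
	CatchSignal(SIGTERM, termination_handler);

	CatchSignal(SIGCHLD, sigchld_handler);

	CatchSignal(SIGPIPE, SIG_IGN);                 /* Ignore sigpipe */

	CatchSignal(SIGUSR2, sigusr2_handler);         /* Debugging sigs */
	CatchSignal(SIGHUP, sighup_handler);

	if (!interactive)
		become_daemon(Fork);

	/* Called after become_daemon(), so it runs in the process that stays. */
	pidfile_create("winbindd");

#if HAVE_SETPGID
	/*
	 * If we're interactive we want to set our own process group for
	 * signal management.
	 */
	if (interactive)
		setpgid( (pid_t)0, (pid_t)0);
#endif

	if (opt_dual_daemon) {
		do_dual_daemon();
	}

	/* Initialise messaging system */

	if (!message_init()) {
		DEBUG(0, ("unable to initialise messaging system\n"));
		exit(1);
	}

	/* React on 'smbcontrol winbindd reload-config' in the same way
	   as to SIGHUP signal */
	message_register(MSG_SMB_CONF_UPDATED, msg_reload_services);
	message_register(MSG_SHUTDOWN, msg_shutdown);

	poptFreeContext(pc);

	netsamlogon_cache_init(); /* Non-critical */

	init_domain_list();

	/* Loop waiting for requests */

	process_loop();

	trustdom_cache_shutdown();

	return 0;
}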